Do you also have private and public subnet(s)? If your original VPC had only single-layer (i.e. public) subnet(s), then adding a NAT gateway and changing the default route from the Internet gateway to the NAT gateway won't work, because now the NAT gateway doesn't have a route to the internet any longer. The solution is to have a public subnet (with a route to the IGW) and place the NAT GW there, and a private subnet with a route to the NAT GW. Then you can place Lambda functions into private subnets.
Here is an example of how to create a VPC with public and private subnets using the VPC Wizard:
https://aws-core-services.ws.kabits.com/two-tier-application-linux/vpc/create-vpc/
Your Lambda functions must be attached to a private subnet. Currently you have it attached to a public subnet, the same subnet where you deployed the NAT Gateway. You set the route table for that subnet so that all Internet traffic should go to the NAT Gateway. However, because the NAT Gateway itself uses the same route table, all its traffic routes to itself.
Create some private subnets, attach the function to those subnets, set the route table for the public subnets to route to the internet gateway and the route table for the private subnets to route to the NAT gateway.
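A check for the routing layout both answers describe, as an added example that is not part of either answer and not AWS code. The helper names `default_route` and `check` are hypothetical, and every ID is a constructed placeholder, with the sample data shaped like `aws ec2 describe-route-tables` output.

```python
# Added example. Constructed data shaped like `aws ec2 describe-route-tables` output;
# every ID below is a placeholder, not a real resource.
BROKEN = [{"RouteTableId": "rtb-single", "Associations": [{"SubnetId": "subnet-a"}],
           "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                      {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]}]
FIXED = [{"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-public"}],
          "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
         {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-private"}],
          "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]}]


def default_route(subnet_id, route_tables):
    """Return (kind, target) of the subnet's 0.0.0.0/0 route; kind is 'igw', 'nat' or None."""
    explicit = main = None
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                explicit = rt
            elif assoc.get("Main"):
                main = rt
    table = explicit or main  # a subnet without its own association uses the main table
    for route in (table or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("NatGatewayId"):
            return "nat", route["NatGatewayId"]
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw", route["GatewayId"]
    return None, None


def check(route_tables, nat_subnets, lambda_subnets):
    """nat_subnets maps NAT gateway id -> its subnet; lambda_subnets lists the function's subnets."""
    findings = []
    for nat_id, subnet in nat_subnets.items():
        kind, _ = default_route(subnet, route_tables)
        if kind != "igw":  # the NAT gateway itself needs a path to the internet gateway
            findings.append(f"{nat_id} sits in {subnet}, whose default route is {kind}, not an internet gateway")
    for subnet in lambda_subnets:
        kind, target = default_route(subnet, route_tables)
        if kind != "nat":
            findings.append(f"Lambda subnet {subnet} has default route {kind}, not a NAT gateway")
        elif nat_subnets.get(target) == subnet:
            findings.append(f"Lambda subnet {subnet} is the same subnet that holds {target}")
    return findings


if __name__ == "__main__":
    print("broken:", check(BROKEN, {"nat-example": "subnet-a"}, ["subnet-a"]))
    print("fixed:", check(FIXED, {"nat-example": "subnet-public"}, ["subnet-private"]) or "ok")
```
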